[Snort-devel] Unchecked call to stat() in src/util.c for Snort-2.9.5.3

Bill Parker wp02855 at ...2499...
Wed Aug 7 12:33:19 EDT 2013


Hello All,

In reviewing snort-2.9.5.3, I found some calls to stat()
without return value checks testing for a value of less than
zero, indicating failure.

The patch file below adds this test for file src/util.c:

--- util.c.orig 2013-08-06 16:07:42.274552534 -0700
+++ util.c      2013-08-06 16:15:36.051551155 -0700
@@ -781,14 +781,20 @@
                        "system\n", _PATH_VARRUN);
 #endif  /* _PATH_VARRUN */

-            stat(_PATH_VARRUN, &pt);
+            if (stat(_PATH_VARRUN, &pt) == -1)
+           {
+               LogMessage("WARNING: Unable to stat() /var/run...\n");
+           }

             if(!S_ISDIR(pt.st_mode) || access(_PATH_VARRUN, W_OK) == -1)
             {
                 LogMessage("WARNING: _PATH_VARRUN is invalid, trying "
                            "/var/log/ ...\n");
                 SnortStrncpy(snort_conf->pid_path, "/var/log/",
sizeof(snort_conf->pid_path));
-                stat(snort_conf->pid_path, &pt);
+                if (stat(snort_conf->pid_path, &pt) == -1)
+               {
+                   LogMessage("WARNING: unable to stat() (%s).\n",
snort_conf->pid_path);
+               }

                 if(!S_ISDIR(pt.st_mode) || access(snort_conf->pid_path,
W_OK) == -1)
                 {
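
Review bot: In both added blocks a failed stat() is only logged, and control then falls through to the existing `S_ISDIR(pt.st_mode)` test, which reads a `struct stat` that the failed call did not fill in. The failure should take the same fallback branch as an invalid directory, for example by folding the call into the condition: `if (stat(_PATH_VARRUN, &pt) == -1 || !S_ISDIR(pt.st_mode) || access(_PATH_VARRUN, W_OK) == -1)`, and likewise for the `snort_conf->pid_path` check. Two smaller points: the first message hardcodes "/var/run" although the path checked is `_PATH_VARRUN`, so print the macro with `%s` as the second message does, and the new lines are indented differently from the surrounding code.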

A 'make' results in successful compilation of snort-2.9.5.3.

I am attaching the patch file to this email.

Bill Parker (wp02855 at gmail dot com)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: stat_util.c.patch
Type: application/octet-stream
Size: 974 bytes
Desc: not available
URL: <https://lists.snort.org/pipermail/snort-devel/attachments/20130807/e6d7faa2/attachment.obj>

